Constants ¶
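// Authority types. These are the values accepted by
// AuthorityConfiguration.AuthorityType ("default", "multi-tenant" or "custom").
const (
	// AuthorityTypeDefault is the default authority type.
	// This is used to specify the authority type when requesting a token.
	AuthorityTypeDefault = "default"

	// AuthorityTypeMultiTenant is the multi-tenant authority type.
	// This is used to specify the multi-tenant authority type when requesting a token.
	// NOTE(review): a multi-tenant authority presumably accepts identities from
	// more than one tenant; prefer a tenant-specific authority unless cross-tenant
	// sign-in is actually required — confirm against the implementation.
	AuthorityTypeMultiTenant = "multi-tenant"

	// AuthorityTypeCustom is the custom authority type.
	// This is used to specify the custom authority type when requesting a token.
	// NOTE(review): presumably paired with AuthorityConfiguration.Authority. The
	// client credential is presented to that endpoint, so the URL should be a
	// fixed, trusted https issuer and not derived from untrusted input.
	AuthorityTypeCustom = "custom"
)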
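// Identity types, credential types and the Redis token audience.
const (
	// SystemAssignedIdentity is the type of identity that is automatically managed by Azure.
	// It is one of the two values documented for ManagedIdentityProviderOptions.ManagedIdentityType.
	SystemAssignedIdentity = "SystemAssigned"

	// UserAssignedObjectID is the type of identity that is managed by the user.
	// This constant is the type selector for ManagedIdentityProviderOptions.ManagedIdentityType;
	// the options field of the same name holds the object ID itself.
	UserAssignedObjectID = "UserAssignedObjectID"

	// ClientSecretCredentialType is the type of credentials that uses a client secret to authenticate.
	// It is a value for ConfidentialIdentityProviderOptions.CredentialsType.
	ClientSecretCredentialType = "ClientSecret"

	// ClientCertificateCredentialType is the type of credentials that uses a client certificate to authenticate.
	// It is a value for ConfidentialIdentityProviderOptions.CredentialsType.
	ClientCertificateCredentialType = "ClientCertificate"

	// RedisScopeDefault is the default scope for Redis.
	// This is used to specify the scope that the identity has access to when requesting a token.
	// The scope is typically the URL of the resource that the identity has access to.
	// NOTE(review): the scope determines the audience of the issued token; keeping
	// Scopes limited to this value keeps the token from being usable against
	// other resources — confirm which providers default to it.
	RedisScopeDefault = "https://redis.azure.com/.default"

	// RedisResource is the default resource for Redis.
	// This is used to specify the resource that the identity has access to when requesting a token.
	// The resource is typically the URL of the resource that the identity has access to.
	// It is the same audience as RedisScopeDefault without the "/.default" suffix;
	// ManagedIdentityClient.AcquireToken takes a resource string rather than a scope list.
	RedisResource = "https://redis.azure.com"
)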
Types ¶
type AuthorityConfiguration ¶
// AuthorityConfiguration describes which authority (token issuer endpoint) is
// used when requesting a token: its type, its URL and the tenant it belongs to.
type AuthorityConfiguration struct {
	// AuthorityType is the type of authority used to authenticate with the identity provider.
	// This can be either "default", "multi-tenant", or "custom"
	// (the AuthorityTypeDefault, AuthorityTypeMultiTenant and AuthorityTypeCustom constants).
	AuthorityType string
	// Authority is the authority used to authenticate with the identity provider.
	// This is typically the URL of the identity provider.
	// For example, "https://login.microsoftonline.com/{tenantID}/v2.0"
	// NOTE(review): the client credential is presented to this endpoint, so it
	// should be a fixed https URL of an issuer you trust and should not be built
	// from untrusted input. Presumably only consulted for the "custom" authority
	// type — confirm against the implementation.
	Authority string
	// TenantID is the tenant ID of the identity provider.
	// This is used to identify the tenant when requesting a token.
	// This is typically the ID of the Azure Active Directory (Microsoft Entra ID) tenant.
	TenantID string
}
AuthorityConfiguration represents the authority configuration for the identity provider. It is used to configure the authority type and authority URL when requesting a token.
type ConfidentialIdentityProvider ¶
// ConfidentialIdentityProvider is an identity provider that authenticates with
// a client secret or a client certificate (see ConfidentialIdentityProviderOptions).
// Create one with NewConfidentialIdentityProvider; its state is not exported.
type ConfidentialIdentityProvider struct {
	// contains filtered or unexported fields
}
ConfidentialIdentityProvider represents a confidential identity provider.
func NewConfidentialIdentityProvider ¶
func NewConfidentialIdentityProvider(opts ConfidentialIdentityProviderOptions) (*ConfidentialIdentityProvider, error)
NewConfidentialIdentityProvider creates a new confidential identity provider. The options configure how the provider requests a token: they specify the client ID, tenant ID, and scopes for the identity, the authority used to authenticate with the identity provider, and the type of credentials presented to it. The credentials can be either a client secret or a client certificate.
func (*ConfidentialIdentityProvider) RequestToken ¶
func (c *ConfidentialIdentityProvider) RequestToken(ctx context.Context) (shared.IdentityProviderResponse, error)
RequestToken requests a token from the identity provider. It returns the identity provider response, including the auth result.
type ConfidentialIdentityProviderOptions ¶
// ConfidentialIdentityProviderOptions holds the settings passed to
// NewConfidentialIdentityProvider. It carries credential material (ClientSecret,
// ClientPrivateKey) in exported fields, so printing the struct with %v or %+v,
// or serialising it, exposes those values; keep it out of logs and error messages.
type ConfidentialIdentityProviderOptions struct {
	// ClientID is the client ID used to authenticate with the identity provider.
	ClientID string
	// CredentialsType is the type of credentials used to authenticate with the identity provider.
	// This can be either "ClientSecret" or "ClientCertificate"
	// (the ClientSecretCredentialType and ClientCertificateCredentialType constants).
	CredentialsType string
	// ClientSecret is the client secret used to authenticate with the identity provider.
	// Presumably read only when CredentialsType is "ClientSecret" — confirm.
	// Supply it from a secret store or the environment rather than from source
	// or committed configuration.
	ClientSecret string
	// ClientCert is the client certificate used to authenticate with the identity provider.
	// Presumably read together with ClientPrivateKey when CredentialsType is
	// "ClientCertificate" — confirm.
	ClientCert []*x509.Certificate
	// ClientPrivateKey is the private key used to authenticate with the identity provider.
	// NOTE(review): expected to be the key matching ClientCert; whether a mismatch
	// is detected at construction or only on the first token request is not
	// visible here.
	ClientPrivateKey crypto.PrivateKey
	// Scopes is the list of scopes used to request a token from the identity provider.
	Scopes []string
	// Authority is the authority used to authenticate with the identity provider.
	Authority AuthorityConfiguration
	// contains filtered or unexported fields
}
ConfidentialIdentityProviderOptions represents the options for the confidential identity provider.
type DefaultAzureIdentityProvider ¶
// DefaultAzureIdentityProvider is an identity provider configured through
// DefaultAzureIdentityProviderOptions, which wrap azidentity's
// DefaultAzureCredentialOptions. Create one with NewDefaultAzureIdentityProvider
// and obtain tokens with RequestToken.
type DefaultAzureIdentityProvider struct {
	// contains filtered or unexported fields
}
func NewDefaultAzureIdentityProvider ¶
func NewDefaultAzureIdentityProvider(opts DefaultAzureIdentityProviderOptions) (*DefaultAzureIdentityProvider, error)
NewDefaultAzureIdentityProvider creates a new DefaultAzureIdentityProvider.
func (*DefaultAzureIdentityProvider) RequestToken ¶
func (a *DefaultAzureIdentityProvider) RequestToken(ctx context.Context) (shared.IdentityProviderResponse, error)
RequestToken requests a token from the Azure Default Identity provider. It returns an IdentityProviderResponse, which carries the token and its expiration time, and an error if any.
type DefaultAzureIdentityProviderOptions ¶
// DefaultAzureIdentityProviderOptions holds the settings passed to
// NewDefaultAzureIdentityProvider.
type DefaultAzureIdentityProviderOptions struct {
	// AzureOptions is the options used to configure the Azure identity provider.
	// NOTE(review): azidentity's DefaultAzureCredential tries several credential
	// sources in turn (environment variables, workload identity, managed
	// identity, developer tool logins), so the identity actually used depends on
	// the runtime environment. Where the expected source is known, a provider
	// bound to that source makes the result predictable. Behaviour for a nil
	// pointer is not visible here — confirm.
	AzureOptions *azidentity.DefaultAzureCredentialOptions
	// Scopes is the list of scopes used to request a token from the identity provider.
	Scopes []string
	// contains filtered or unexported fields
}
DefaultAzureIdentityProviderOptions represents the options for the DefaultAzureIdentityProvider.
type ManagedIdentityClient ¶
// ManagedIdentityClient is the single-method interface through which a token is
// acquired with a managed identity.
type ManagedIdentityClient interface {
	// AcquireToken acquires a token using the managed identity.
	// It returns the token and an error if any.
	// resource is presumably a resource URI such as RedisResource rather than a
	// "/.default" scope — confirm against the caller. The returned AuthResult
	// carries the token, so implementations and wrappers should not log it.
	AcquireToken(ctx context.Context, resource string, opts ...mi.AcquireTokenOption) (public.AuthResult, error)
}
ManagedIdentityClient is an interface that defines the methods for a managed identity client. It is used to acquire a token using the managed identity.
type ManagedIdentityProvider ¶
// ManagedIdentityProvider is an identity provider that requests tokens with an
// Azure managed identity, so no client secret or certificate is passed in its
// options. Create one with NewManagedIdentityProvider.
type ManagedIdentityProvider struct {
	// contains filtered or unexported fields
}
ManagedIdentityProvider represents a managed identity provider.
func NewManagedIdentityProvider ¶
func NewManagedIdentityProvider(opts ManagedIdentityProviderOptions) (*ManagedIdentityProvider, error)
NewManagedIdentityProvider creates a new managed identity provider for Azure with managed identity. It is used to configure the identity provider when requesting a token.
func (*ManagedIdentityProvider) RequestToken ¶
func (m *ManagedIdentityProvider) RequestToken(ctx context.Context) (shared.IdentityProviderResponse, error)
RequestToken requests a token from the managed identity provider. It returns an IdentityProviderResponse, which contains the access token and the expiration time.
type ManagedIdentityProviderOptions ¶
// ManagedIdentityProviderOptions holds the settings passed to
// NewManagedIdentityProvider: which managed identity to use and which scopes to
// request.
type ManagedIdentityProviderOptions struct {
	// UserAssignedObjectID is the object ID that is used to identify the user assigned identity.
	// This is used to identify the identity when requesting a token.
	// Presumably required only when ManagedIdentityType is UserAssignedObjectID
	// and ignored for SystemAssigned — confirm.
	UserAssignedObjectID string
	// ManagedIdentityType is the type of managed identity.
	// This can be either SystemAssigned or UserAssignedObjectID
	// (the SystemAssignedIdentity and UserAssignedObjectID constants).
	ManagedIdentityType string
	// Scopes is a list of scopes that the identity has access to.
	// This is used to specify the permissions that the identity has when requesting a token.
	// NOTE(review): requesting only the Redis audience (RedisScopeDefault) keeps
	// the issued token from being accepted by other resources; the default used
	// when this is empty is not visible here.
	Scopes []string
}
ManagedIdentityProviderOptions represents the options for the managed identity provider. It is used to configure the identity provider when requesting a token.